> Should we be completely strict or accept the technically invalid policies that are very common?
+1 to accepting HttpsToken without a child policy + TransportBinding/AlgorithmSuite. > Also, any objections if I go through the code and remove the @author and @version tags? Highly discouraged at Apache…. +1. Colm. On Fri, Mar 8, 2013 at 2:02 PM, Daniel Kulp <[email protected]> wrote: > > Marc/Colm, > > Started looking into the wss4j2 integration stuff on Colms branch in CXF > and have a question: > > In CXF, we have a few places where we're a little more "relaxed" during > parsing since most of the policies that out there may not be 100% correct. > The first example I hit was the ws:Policy child element in an HttpsToken. > wss4j2 throws an exception in this case whereas CXF logs a warning and > continues. What are your thoughts on this? Should we be completely > strict or accept the technically invalid policies that are very common? > Changing the code in HttpsBuilder to: > Policy nestedPolicy; > if (nestedPolicyElement == null) { > //throw new IllegalArgumentException("sp:HttpsToken must have > an inner wsp:Policy element"); > nestedPolicy = new Policy(); > } else { > nestedPolicy = > factory.getPolicyEngine().getPolicy(nestedPolicyElement); > } > seems to work fine. Likely should have a LOG in there….. > > Also, any objections if I go through the code and remove the @author and > @version tags? Highly discouraged at Apache…. but the $Author$ and > $Revision$ things and such don't get expanded with git. :-) > > > Thoughts? > > -- > Daniel Kulp > [email protected] - http://dankulp.com/blog > Talend Community Coder - http://coders.talend.com > > > --------------------------------------------------------------------- > To unsubscribe, e-mail: [email protected] > For additional commands, e-mail: [email protected] > > -- Colm O hEigeartaigh Talend Community Coder http://coders.talend.com
